User Phish Alert Notifications on Symbol

User Phish Alerts

Phish Alerts come from the use of the Outlook Report a Phish (or alternative). This is a configuration made by admins on the email provider used by their companies. If you want to learn how to configure the Report a Phish for Outlook click here.

Once the RAP (Report a Phish) has been configured, all users from that company will be able to report a suspicious phishing email by clicking on that button. We call this reporting action as "Phish Alerts". 

If you're an admin of a Company on Symbol, you'll be able to see all the reports made by your users by navigating to the left sidebar of your Company and clicking on Reports > Phishing Alerts. It will display a list of all the alerts sorted by date/time. 

There are multiple types of alerts:

  • Simulation (it appears when the email reported is part of a Symbol phishing campaign).
  • Suspected Phish (it means that the reported email is not part of a phishing campaign and could be a potential phish email).
  • Internal (It means that the user reported one of the internal emails delivered by Symbol Security, it could be for example a training assignment email, which is not phish attempt).

However, the admin could change the category of suspected phish to be:

  • Malicious: Most severe designation for a suspect phish email.

  • Spam: Spam emails that could be suspect.

  • Normal: An email that is not a Symbol phishing email or a suspected phish.

When looking at the details of any alert, admins could see information like:

  • Report Date/Time
  • Subject Message
  • Sender Name
  • Email Provider
  • User Who reported the phish

If the reported email is part of a phishing campaign admins will be able to jump into the phishing template and if the reported email is a suspected phish they will be able to download a .txt with the content of the email.